
The mobile operating system must wipe all storage media after an organization defined number of consecutive, unsuccessful attempts to unlock the mobile device.


Overview

Finding ID: V-33233
Version: SRG-OS-000227-MOS-000114
Rule ID: SV-43651r1_rule
IA Controls: (none listed)
Severity: Medium
Description
Mobile devices present additional risks related to attempted unauthorized access. If they are lost, stolen, or misplaced, attempts can be made to unlock the device by guessing the password. Once unlocked, an adversary may be able to obtain sensitive data on the device. Wiping storage media renders all such data permanently inaccessible. There are two acceptable methods to wipe the device. The first is to overwrite the data on the media several times, so it is no longer recoverable. In this case, the device should implement DoD 5220.22-M (E) (3 pass), in which the media is overwritten three times. The second is to delete the locally stored encryption key on a device that encrypts all data stored on the device. In this case, the key must be wiped using a method complying with DoD 5220.22-M (ECE) (7 pass), in which all storage sectors containing the key are overwritten seven times. When the mobile device employs flash media, alternative methods consistent with those described in NIST SP 800-88 (as revised) are acceptable.
STIG: Mobile Operating System Security Requirements Guide
Date: 2013-07-03

Details

Check Text ( C-41528r1_chk )
Review the mobile operating system configuration to determine if the system wipes all storage media after an organization defined number of consecutive, unsuccessful attempts to unlock the mobile device. Check that the chosen wipe method is compliant with DoD 5220.22-M, using at least three passes for data and at least seven for keys, or an alternative method described in NIST SP 800-88 (as revised). If feasible, on a spare device, test whether the control is enforced by entering the requisite number of incorrect passwords. The device should be inoperable after the wipe process. If the system is not configured for the device wipe functionality, this is a finding.
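The following is an added simulation, not code from the SRG or any vendor, of the second wipe method the Description and Check Text refer to: a device that encrypts storage under a locally stored key, counts consecutive failed unlocks, and on reaching the threshold crypto-erases by overwriting the key sector with seven passes. The threshold of 10, the 64-byte sector, and the SHA-256 keystream "cipher" are assumptions chosen to make the effect visible, not a real design.

```python
import hashlib
import hmac
import secrets

KEY_SIZE = 32
SECTOR_SIZE = 64   # assumed size of the simulated key-store sector
MAX_FAILED = 10    # organization-defined threshold (assumed value)
WIPE_PASSES = 7    # passes over key sectors, the figure the SRG gives for keys

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Toy stream cipher: XOR data with SHA-256(key || counter) blocks.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

class SimulatedDevice:
    def __init__(self, passcode: str, plaintext: bytes):
        # The key lives in one storage sector; user data is stored only as ciphertext.
        self.key_sector = bytearray(SECTOR_SIZE)
        self.key_sector[:KEY_SIZE] = secrets.token_bytes(KEY_SIZE)
        self.ciphertext = keystream_xor(bytes(self.key_sector[:KEY_SIZE]), plaintext)
        self.passcode_hash = hashlib.sha256(passcode.encode()).digest()  # toy; a real device uses a KDF
        self.failed = 0
        self.wiped = False

    def _wipe_key_sectors(self) -> None:
        # Multi-pass overwrite of every sector holding key material: alternate
        # 0x00 / 0xFF patterns, with a random final pass.
        for p in range(WIPE_PASSES):
            if p == WIPE_PASSES - 1:
                fill = secrets.token_bytes(SECTOR_SIZE)
            else:
                fill = (b"\x00" if p % 2 == 0 else b"\xff") * SECTOR_SIZE
            self.key_sector[:] = fill
        self.wiped = True

    def unlock(self, attempt: str) -> bool:
        if self.wiped:
            return False
        digest = hashlib.sha256(attempt.encode()).digest()
        if hmac.compare_digest(digest, self.passcode_hash):
            self.failed = 0    # only consecutive failures count toward the wipe
            return True
        self.failed += 1
        if self.failed >= MAX_FAILED:
            self._wipe_key_sectors()
        return False

    def read_data(self) -> bytes:
        # What the device (or a forensic image of it) can recover with the key material left on it.
        return keystream_xor(bytes(self.key_sector[:KEY_SIZE]), self.ciphertext)
```

Before the threshold is reached the data decrypts; after the tenth consecutive failure the key sector holds only the final random pass, so the ciphertext is unrecoverable and further unlock attempts are refused.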
Fix Text (F-37164r1_fix)
Configure the operating system to wipe the mobile device after an organization defined number of consecutive, unsuccessful attempts to unlock it.